<?php
require_once('App-Top.php');
//// require_once('Cookie-Handler.php'); //// Only Activate in UNProtected Area
require_once('Authorizer.php'); //// Only Activate in Protected Area
require_once('FEFunctions.php');
//// ChangePassw.php
//// This is the Change Password Interface for the WOG site.
//// Set Page Title
$page_title = 'Change Password -  Whiff Of Grape';

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <title><?php echo $page_title; ?></title>
        <style type="text/css" media="screen">@import url(style.css);</style>
        <style type="text/css">
            input[type=password]{margin:0.25em 0.5em;}
            label { display:block; width:220px; float:left; margin:2px 4px 6px 4px; text-align:left;}
        </style>
    </head>

    <body>
        <div id="bigWrapper">

            <div id="wrapper">

                <div id="header">
                </div>

                <div id="sidebar">

                <?php
                require_once('MenuLeft.php');
                ?>

                </div>

                <!-- End of Header & Start Content -->

                <div id="body">

                    <div id="entryTitlePage"><?php echo $page_title; ?></div>

                       <!-- TODO: CSS this form -->
                        <form id="changePassw" name="changePassw" action="ChangePassw.php" method="POST" class="frontEnd03">
                            <fieldset>

                                <legend>Type your Old password and New password</legend>

                                <ul>
                                    <li>
                                        <label title="Old Password" for="passwordOld">Old Password</label>
                                        <input type="password" name="passwordOld" id="passwordOld" size="20" maxlength="30" />
                                    </li>

                                    <li>
                                        <label title="New Password" for="password1">New Password</label>
                                        <input type="password" name="password1" id="password1" size="20" maxlength="30" />
                                    </li>

                                    <li>
                                        <label title="Confirm New Password" for="password2">Confirm New Password</label>
                                        <input type="password" name="password2" id="password2" size="20" maxlength="30" />
                                    </li>

                                </ul>

                                <input class="ButtonSubmit" type="submit" name="SubmitChangePassw" value="Change Password" />

                                <input type="hidden" name="submitted" value="TRUE" />

                                <br />
                                <small class="msgForm01"><?php echo MSSG_PASSW_REQ; ?></small>

                            </fieldset>
                        </form>

                        <div class="entrybody"> <br /> </div>

                    <?php
                    //// User is Log on and Form was Submitted
                    if (isset($_POST['submitted']))
                    {
                        require_once(MYSQL);
                        require_once(STATEM_MYSQL);
                        require_once('FEFunctions.php');

                        $p_new;

                        if (isValid('password', $_POST['passwordOld']))
                        {
                            if (isValid('password', $_POST['password1']))
                            {
                                if (strcmp($_POST['password1'],$_POST['password2']) == 0)
                                {
                                    $p_temp = clean($_POST['password1'], $dbc);
                                    if(strcmp($p_temp,$_POST['password1']) == 0)
                                    {
                                        $p_new = $p_temp;
                                    }
                                    else
                                    {
                                        echo '<p class="error">Your new password is invalid. ' . MSSG_PASSW_REQ . '</p>';
                                    }
                                }
                                else
                                {
                                    echo '<p class="error">Your New Password did not match the Confirm New Password!</p>';
                                }
                            }
                            else
                            {
                                echo '<p class="error">Your new password is invalid. ' . MSSG_PASSW_REQ . '</p>';
                            }
                        }
                        else
                        {
                            echo '<p class="error">Your old password is invalid. ' . MSSG_PASSW_REQ . '</p>';
                        }


                        if(!empty($p_new))
                        {
                            //// Password to change is Ok
                            $p_temp = clean($_POST['passwordOld'], $dbc);

                            if(strcmp($p_temp,$_POST['passwordOld']) == 0)
                            {
                                $q = sprintf($U_None_Newpassw_EmailOldpass, $p_new, $_SESSION['SESS_USER_EMAIL_FE_ID'], $_POST['passwordOld']);
                                $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

                                if(mysqli_affected_rows($dbc) == 1)
                                {
                                    //// TODO: Send email change Password
                                    echo "<p class='entrybodybold'><font color='#00CC00'>Your password has been changed</font></p>";
                                }
                                else
                                {
                                    echo '<p class="error">Your password was NOT changed. Make sure you input the right Current Password. Also, make sure that the New Password is different than the Current Password.</p>';
                                }
                                mysqli_close($dbc); // Close the database connection.
                            }
                            else
                            {
                                echo '<p class="error">Your old password is invalid. ' . MSSG_PASSW_REQ . '</p>';
                            }
                        }
                        else
                        {
                            //// Failed the validation
                            echo '<p class="error">Please try again. Make sure you input the correct Current Password. Also, make sure that the New Password is valid and match Confirm New Password.</p>';
                        }
                    }

                    ?>
</div> <!-- Closes body -->
                <!-- End of Content & Start Footer -->

                    <div id="footer">

                    <?php
                    //// Includer Footer
                    include ('footer.php');
                    ?>

                    </div>

                </div> <!-- Closes Wrapper -->
            </div> <!-- Closes bigWrapper -->
        </body>
    </html>
<?php
require_once('App-End.php');
?>

<!-- Designed & Developed By Jose Trujillo (2011) -->